The move to public SaaS applications like Office 365, Salesforce, and Box is well underway in most enterprises, but not without significant security & compliance challenges. In fact, more than 90% of organizations state that SaaS security concerns are inhibiting further cloud adoption.
The public cloud is proving to be as secure, if not more secure, than many premises-based applications, but enterprises need to keep in mind the shared responsibility model. Enterprises are turning to Cloud Access Security Brokers to solve critical SaaS security gaps across four main areas - cloud, mobile, identity and network.
cloud data protection & visibility
To enable secure, compliant public cloud usage, you need both visibility and real-time data protection from any device. Visibility requirements range from detailed, audit-level logging to suspicious activity detection and user behavior analytics. Data protection ensures that you are providing only legitimate access to sensitive data.
CASB Cloud Security solutions provide Cloud DLP and contextual access control via APIs and Proxies for comprehensive data protection. APIs are used to scan and protect data-at-rest, and proxies are used for inline, real-time protection for data being accessed via both managed and unmanaged devices.
mobile data protection
For many organizations, the fact that cloud data can be synchronized or downloaded to any device, even unmanaged devices, is a far bigger concern than that same data stored-at-rest in the cloud. This makes protection of that downloaded data critical.
breach and shadow IT discovery
Data leaving the corporate network and heading to high-risk destinations can take many forms - malware command and control sites, anonymizers like Tor, “shadow IT” cloud applications, and more. Discovering this high-risk traffic, including unsanctioned or “Shadow IT” cloud applications is a critical element of your SaaS security strategy. CASB Discovery solutions analyze proxy or firewall data to identify traffic headed to high-risk destinations.
cloud identity management
Identity is one of the cornerstones of SaaS security and improperly managed cloud identity can lead to identity sprawl and compromised accounts. Your strategy must include centralized identity management and key threat prevention functionality such as contextual multi-factor authentication.
A complete CASB features an integrated identity management solution (or works with an existing identity management infrastructure) to enable secure authentication across all cloud apps.
ready to secure your SaaS apps?
Check out the definitive guide to CASBs to find out how